5.5

CVE-2026-31770

EPSS 0.01%
Veröffentlicht 01.05.2026 14:14:59
Zuletzt bearbeitet 11.05.2026 17:58:07
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

hwmon: (occ) Fix division by zero in occ_show_power_1()

In the Linux kernel, the following vulnerability has been resolved:

hwmon: (occ) Fix division by zero in occ_show_power_1()

In occ_show_power_1() case 1, the accumulator is divided by
update_tag without checking for zero. If no samples have been
collected yet (e.g. during early boot when the sensor block is
included but hasn't been updated), update_tag is zero, causing
a kernel divide-by-zero crash.

The 2019 fix in commit 211186cae14d ("hwmon: (occ) Fix division by
zero issue") only addressed occ_get_powr_avg() used by
occ_show_power_2() and occ_show_power_a0(). This separate code
path in occ_show_power_1() was missed.

Fix this by reusing the existing occ_get_powr_avg() helper, which
already handles the zero-sample case and uses mul_u64_u32_div()
to multiply before dividing for better precision. Move the helper
above occ_show_power_1() so it is visible at the call site.

[groeck: Fix alignment problems reported by checkpatch]

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 11

NVD 13 VulnDex Vulnerability Enrichment 14

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.0 < 5.10.253

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.203

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.168

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.134

Linux ≫ Linux Kernel Version >= 6.7 < 6.12.81

Linux ≫ Linux Kernel Version >= 6.13 < 6.18.22

Linux ≫ Linux Kernel Version >= 6.19 < 6.19.12

Linux ≫ Linux Kernel Version7.0 Updaterc1

Linux ≫ Linux Kernel Version7.0 Updaterc2

Linux ≫ Linux Kernel Version7.0 Updaterc3

Linux ≫ Linux Kernel Version7.0 Updaterc4

Linux ≫ Linux Kernel Version7.0 Updaterc5

Linux ≫ Linux Kernel Version7.0 Updaterc6

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.023

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-369 Divide By Zero

The product divides a value by zero.

https://git.kernel.org/stable/c/c7d3712362c8ab8f82f441b649d9e446e7b9aa9d

Patch

https://git.kernel.org/stable/c/53e6175756b8c474b6247bbcea0aad3d68357475

Patch

https://git.kernel.org/stable/c/2502684b9e835de9a992ec47c3e6c6faabe3858d

Patch

https://git.kernel.org/stable/c/37ae8fadc74ed68e5bc364ffd17746d88e449ae3

Patch

https://git.kernel.org/stable/c/bbbefc48f6617cfb738dcff7f44beb50b5dfeb38

Patch

https://git.kernel.org/stable/c/243d55bd3f08cb15eee9d63f4716d4d4cdd760f5

Patch

https://git.kernel.org/stable/c/7b89ce0c98bf3015f493ca4285b2d1056cd8c733

Patch

https://git.kernel.org/stable/c/39e2a5bf970402a8530a319cf06122e216ba57b8

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-31770

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-31770

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-31770

EUVD